<?php
/*
 * 	Manhali - Free Course Management System
 *	files.php
 *	2009-05-14 23:38
 * 	Author: El Haddioui Ismail <ismail.elhaddioui@gmail.com>
 * 	Copyright (C) 2009-2011  El Haddioui Ismail. All rights reserved
 * 	License : GNU/GPL v3

This file is part of Manhali

Manhali is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

Manhali is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with Manhali.  If not, see <http://www.gnu.org/licenses/>.

*/

// Direct-access guard: stop immediately unless the access_const constant is
// already defined (presumably by the entry script that includes this file).
if (!defined("access_const")) {
	die( 'Restricted access' );
}

if (isset($_SESSION['connect']["log"]) && $_SESSION['connect']["log"] == 1){
	
	echo "<div id=\"titre\">".gestion_fichiers."</div><br />";

	/**
	 * Format a byte count for display.
	 *
	 * Values of 1048576 and above are divided by 1048576 and suffixed with
	 * the `mo` constant, values of 1024 and above are divided by 1024 and
	 * suffixed with the `ko` constant, anything smaller is printed as-is
	 * with the `octets` constant. Divided values are rounded to 2 decimals.
	 *
	 * @param int|float $size_file Size in bytes.
	 * @return string Number, one space, then the unit label.
	 */
	function file_size_convert($size_file) {
		if ($size_file >= 1048576) {
			return round($size_file / 1048576, 2)." ".mo;
		}
		if ($size_file >= 1024) {
			return round($size_file / 1024, 2)." ".ko;
		}
		return $size_file." ".octets;
	}

 // Sub-action selected by the "do" query parameter; an empty string falls
 // through to the switch's default branch (the file list).
 $do = isset($_GET['do']) ? $_GET['do'] : "";
 switch ($do){

	// ****************** upload_file **************************
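  case "upload_file" : {

		// Upload handler: validates the posted file, stores it in ../docs/ under a
		// name built from fonc_rand(24) plus a whitelisted extension, and records
		// it in the files table. The client's original name is only ever stored in
		// the database, never used as a path.

		// Extension whitelist. Only these suffixes can end up in ../docs/.
		// NOTE(review): confirm ../docs/ is served without script execution and that
		// types a browser renders inline (swf, txt) are acceptable for this deployment.
		$extensions = array("swf","pdf","bmp","jpg","gif","png","flv","mp4","mp3","txt","doc","docx","xls","xlsx","ppt","pptx","pps","ppsx","zip","rar","rtf");

		// MIME types accepted per extension (four alternative maps; "" means an
		// empty type is tolerated for that extension).
		$type_mime = array("swf" => "application/x-shockwave-flash", "pdf" => "application/pdf", "bmp" => "image/bmp", "jpg" => "image/jpeg", "gif" => "image/gif", "png" => "image/png", "flv" => "application/octet-stream", "mp4" => "video/mp4v-es", "mp3" => "audio/mpeg", "txt" => "text/plain", "doc" => "application/msword", "docx" => "application/octet-stream", "xls" => "application/vnd.ms-excel", "xlsx" => "application/octet-stream", "ppt" => "application/vnd.ms-powerpoint", "pptx" => "application/octet-stream", "pps" => "application/vnd.ms-powerpoint", "ppsx" => "application/octet-stream", "zip" => "application/octet-stream", "rar" => "application/force-download", "rtf" => "text/rtf");
		$type_mime2 = array("jpg" => "image/pjpeg", "png" => "image/x-png", "mp4" => "video/mpeg", "docx" => "application/x-zip-compressed", "xlsx" => "application/x-zip-compressed", "pptx" => "application/x-zip-compressed", "ppsx" => "application/x-zip-compressed", "zip" => "application/x-zip-compressed", "rar" => "application/octet-stream", "rtf" => "application/msword", "flv" => "", "mp3" => "audio/mp3");
		$type_mime3 = array("mp4" => "video/mp4", "docx" => "application/vnd.openxmlformats-officedocument.wordprocessingml.document", "xlsx" => "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet", "pptx" => "application/vnd.openxmlformats-officedocument.presentationml.presentation", "ppsx" => "application/vnd.openxmlformats-officedocument.presentationml.slideshow", "zip" => "application/zip", "rar" => "application/x-rar-compressed", "rtf" => "application/rtf");
		$type_mime4 = array("docx" => "", "xlsx" => "", "pptx" => "", "ppsx" => "", "zip" => "", "rar" => "");

		goback_button();

		$upload_max_filesize = @ini_get('upload_max_filesize');

		if(!empty($_FILES["uploaded_file"]) && !empty($_POST['random'])){
			// The posted 'random' value is only compared with the previous
			// submission's value, so it blocks a re-post of the same form.
			// NOTE(review): it is never checked against a value issued by the server,
			// so it does not act as a CSRF token for this action - confirm and add one.
			if (!isset($_SESSION['upload_key']) || $_SESSION['upload_key'] != $_POST['random']){
				$_SESSION['upload_key'] = $_POST['random'];
				$filename = $_FILES['uploaded_file']['name'];
				$file_size = $_FILES["uploaded_file"]["size"];
				if ($_FILES['uploaded_file']['error'] == 0) {
					// pathinfo() yields "" for a name without a dot; the former
					// substr/strrpos form returned the name minus its first character.
					$ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
					$client_type = $_FILES["uploaded_file"]["type"];

					// Collect only the types actually declared for this extension.
					// Looking up a missing key used to yield null, and "" == null
					// let an empty type through for every extension.
					$accepted_types = array();
					foreach (array($type_mime, $type_mime2, $type_mime3, $type_mime4) as $mime_map) {
						if (isset($mime_map[$ext]))
							$accepted_types[] = $mime_map[$ext];
					}

					// The type comes from the request, not from the file's content,
					// so this is a sanity check only; the extension whitelist and the
					// random stored name are what constrain what is written to disk.
					// NOTE(review): consider inspecting the content server-side as well.
					if (in_array($ext, $extensions, true) && in_array($client_type, $accepted_types, true)){

						// Draw names until one is free in ../docs/.
						$new_file = fonc_rand(24).".".$ext;
						while (file_exists("../docs/".$new_file))
							$new_file = fonc_rand(24).".".$ext;
						$destination = "../docs/".$new_file;
						if ((@move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$destination))) {

							// Flag used by the list view to decide whether to render a thumbnail.
							if (strpos($client_type,"image")===0)
								$is_image = 1;
							else $is_image = 0;

							$time_upload = time();
							// The original file name is client-controlled text: escape it
							// before it is placed inside the quoted SQL literal.
							$filename_sql = mysql_real_escape_string($filename, $connect);
							$insertfile = "INSERT INTO `" . $tblprefix . "files` VALUES (NULL,$id_user_session,'$filename_sql',$file_size,'$new_file',$time_upload,'$is_image');";
							mysql_query($insertfile,$connect);
							echo "<font color=\"green\"><b>".fichier_uploade."<br />".fichier_uploade2."</b></font><br /><br /><center><form><input type=\"text\" size=\"38\" onClick=\"select();\" value=\"".$destination."\" readonly=\"readonly\"></form></center>";
						} else echo "<font color=\"red\"><b>".erreur_upload."</b></font><br />";

					} else echo "<font color=\"red\"><b>".erreur_upload_type."</b></font><br />";
				}
				else {
					// PHP defines no upload error code 5; codes 6, 7 and 8 are the
					// missing-temp-dir, write-failure and extension-stopped errors.
					// The message constants are numbered 6-8, so they are matched to
					// those codes here (the cases were previously 5, 6 and 7).
					switch ($_FILES['uploaded_file']['error']){
						case 1 : echo "<font color=\"red\"><b>".erreur_upload_1." : ".$upload_max_filesize."</b></font><br />";
							break;
						case 2 : echo "<font color=\"red\"><b>".erreur_upload_2."</b></font><br />";
							break;
						case 3 : echo "<font color=\"red\"><b>".erreur_upload_3."</b></font><br />";
							break;
						case 4 : echo "<font color=\"red\"><b>".erreur_upload_4."</b></font><br />";
							break;
						case 6 : echo "<font color=\"red\"><b>".erreur_upload_6."</b></font><br />";
							break;
						case 7 : echo "<font color=\"red\"><b>".erreur_upload_7."</b></font><br />";
							break;
						case 8 : echo "<font color=\"red\"><b>".erreur_upload_8."</b></font><br />";
							break;
						default : echo "<font color=\"red\"><b>".erreur_upload_default."</b></font><br />";
					}
				}
			}	else echo "<font color=\"red\"><b>".erreur_upload_key."</b></font><br />";
		}

		// Upload form, followed by the size limit and the accepted file types.
		echo "<br /><form enctype=\"multipart/form-data\" action=\"\" method=\"post\">";
		echo "<input name=\"uploaded_file\" type=\"file\" />";
		echo "<input type=\"hidden\" name=\"random\" value=\"".fonc_rand(16)."\" />";
		echo "<input type=\"submit\" value=\"".btnsend."\" /></form>";
		echo "<br /><ul>";
		if (!empty($upload_max_filesize))
			echo "<li><b>".taille_max." ".$upload_max_filesize."</b></li>";
		echo "<br /><li><b>".extentions_autorisees." : </b>";
		echo "<br />- ".type_file1;
		echo "<br />- ".type_file2;
		echo "<br />- ".type_file3;
		echo "<br />- ".type_file4;
		echo "<br />- ".type_file5;
		echo "<br />- ".type_file6;
		echo "</li></ul>";

  } break;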

  // ****************** delete_file **************************
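  case "delete_file" : {
  	// Deletes one file (database row plus the file in ../docs/) and then
  	// returns to the list. The request must carry the same $key that the list
  	// view embeds in its delete links (presumably a per-session anti-CSRF
  	// token - $key is defined outside this file).
  	// NOTE(review): this state change is triggered by a GET request; the key
  	// therefore also appears in URLs, history and logs.

  	// Compare as strings with ===: a loose == treats two different
  	// numeric-looking strings as equal, and an array-valued parameter
  	// must never match. An empty $key never authorises a delete.
  	$key_ok = isset($_GET['key']) && is_string($_GET['key']) && (string)$key !== "" && $_GET['key'] === (string)$key;

  	if ($key_ok){
  		// Only an all-digit id reaches the query; anything else becomes 0.
  		if (isset($_GET['id_file']) && ctype_digit($_GET['id_file']))
				$id_file = intval($_GET['id_file']);
			else $id_file = 0;

			$select_file = mysql_query("select id_user,lien_file from `" . $tblprefix . "files` where id_file = $id_file;");
			// A failed query returns false, which mysql_num_rows() cannot take.
			if ($select_file !== false && mysql_num_rows($select_file) == 1){

				$user = html_ent(mysql_result($select_file,0,0));
				// basename() keeps the unlink() below inside ../docs/ even if the
				// stored name ever contained a directory component.
		  	$lien_fichier = basename(html_ent(mysql_result($select_file,0,1)));

		  	// Grades "1", "2" and "3" may delete any file; other users only their own.
		  	if (isset($grade_user_session) && ($grade_user_session == "3" || $grade_user_session == "2" || $grade_user_session == "1" || $user == $id_user_session)){
		  		$delete_file = mysql_query("delete from `" . $tblprefix . "files` where id_file = $id_file;");
		  		@unlink("../docs/".$lien_fichier);
		  	}
    	}
		}
    locationhref_admin("?inc=files");
  } break;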
    
  // ****************** files_list **************************
  default : {
  	
   // Maximum length of a file name shown in the list (longer names are shortened).
   $max_len = 30;

   // "Upload a file" shortcut: icon and label both link to the upload form.
   echo '<table border="0"><tr>'
      . '<td><a href="?inc=files&do=upload_file"><img border="0" src="../images/others/add.png" /></a></td>'
      . '<td><a href="?inc=files&do=upload_file"><b>' . upload_file . '</b></a></td>'
      . '</tr></table><br />';

   // Defined elsewhere; presumably emits the confirmer() JavaScript helper used by the delete links.
   confirmer();

	 /**
	  * Shorten a string to $length bytes, keeping its beginning and its last
	  * four bytes (typically ".ext") with "..." in between.
	  *
	  * Works on bytes (strlen/substr), not on characters.
	  *
	  * @param string $string Text to shorten.
	  * @param int    $length Maximum length before shortening applies.
	  * @return string The input unchanged when it fits, else head + "..." + tail.
	  */
	 function readmorefile($string,$length) {
	 	// Anything that already fits is returned untouched.
	 	if (strlen($string) <= $length) {
	 		return $string;
	 	}
	 	$head = substr($string, 0, $length - 7);
	 	$tail = substr($string, -4, 4);
	 	return $head . "..." . $tail;
	 }

	 // Requested page number from the "l" query parameter; only an all-digit
	 // value is accepted, anything else selects page 1.
	 $page = (isset($_GET['l']) && ctype_digit($_GET['l'])) ? intval($_GET['l']) : 1;
		
  	//************************* Editors **************************
  	
   // Listing for users whose grade is "1", "2" or "3": every row of the files
   // table is shown, paginated, with the uploader's login next to each file.
   // Row layout used below (column order as written by the upload handler's
   // INSERT): 0 id_file, 1 id_user, 2 original name, 3 size, 4 stored name,
   // 5 upload timestamp, 6 is_image flag.
   if (isset($grade_user_session) && ($grade_user_session == "3" || $grade_user_session == "2" || $grade_user_session == "1")){
   
    // First query is only used to count rows for the pagination.
    $select_my_files = mysql_query("select * from `" . $tblprefix . "files`;");
    
    $nbr_trouve = mysql_num_rows($select_my_files);
    
    if ($nbr_trouve > 0){

			// $nbr_resultats (rows per page) is defined outside this file.
			// NOTE(review): a value of 0 would divide by zero here - confirm it cannot happen.
			$page_max = ceil($nbr_trouve / $nbr_resultats);

			// Out-of-range page numbers fall back to the first page.
			if ($page <= $page_max && $page > 1 && $page_max > 1)
				$limit = ($page - 1) * $nbr_resultats;
			else {
				$limit = 0;
				$page = 1;
			}
    	$select_my_files_limit = mysql_query("select * from `" . $tblprefix . "files` order by date_file desc limit $limit, $nbr_resultats;");

    	echo "<table width=\"100%\" align=\"center\" style=\"border: 1px solid #000000;\"><tr bgcolor=\"#f1d3bd\">\n";
			echo "\n<td class=\"affichage_table\"><b>".fichier."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".added_by."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".taille_fichier."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".lien_fichier."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".date_ajout."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".miniature."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".supprimer."</b></td>";
			echo "</tr>";

			while($fichier = mysql_fetch_row($select_my_files_limit)){
					
				// The original file name is user-supplied text, so it goes through
				// html_ent() before being printed.
				// NOTE(review): shortening happens after encoding, so readmorefile()
				// can cut an entity in half - confirm what html_ent() returns.
				$nom_fichier = html_ent($fichier[2]);
				$nom_fichier = readmorefile($nom_fichier,$max_len);
				
				$taille_fichier = $fichier[3];
				$lien_fichier = html_ent($fichier[4]);
				$date_ajout = date("d/m/Y - H:i:s",$fichier[5]);

				// Rows uploaded by the current user get a grey background.
				if ($fichier[1] == $id_user_session)
					echo "<tr bgcolor=\"#cccccc\">\n";
				else echo "<tr>\n";
				
				echo "\n<td class=\"affichage_table\"><b>".$nom_fichier."</b></td>";
				
    		// One extra query per row to resolve the uploader's login.
    		// NOTE(review): $fichier[1] is placed unquoted in the SQL and unescaped
    		// in the href below; presumably an integer column - confirm.
    		$select_user = mysql_query("select identifiant_user from `" . $tblprefix . "users` where id_user = $fichier[1];");
    		if (mysql_num_rows($select_user) == 1)
    			$user = html_ent(mysql_result($select_user,0));
    		else $user = inconnu;
				echo "\n<td class=\"affichage_table\"><a href=\"../?profiles=".$fichier[1]."\" title=\"".user_profile."\"><b>".$user."</b></a></td>";
				
				echo "\n<td class=\"affichage_table\">".file_size_convert($taille_fichier)."</td>";
				echo "\n<td class=\"affichage_table\"><form><input type=\"text\" size=\"36\" onClick=\"select();\" value=\"../docs/".$lien_fichier."\" readonly=\"readonly\"></form></td>";
				echo "\n<td class=\"affichage_table\">".$date_ajout."</td>";
					
				// Thumbnail for rows flagged as images, otherwise the last three
				// characters of the stored name; a missing file is reported in red.
				echo "\n<td class=\"affichage_table\">";
				if (file_exists("../docs/".$lien_fichier)) {
					if ($fichier[6] == 1)
						echo "<img border=\"0\" src=\"../docs/".$lien_fichier."\" alt=\"".$nom_fichier."\" width=\"100\" height=\"100\" />";
					else
						echo substr($lien_fichier,-3,3);	
				} else
					echo "<font color=\"red\">".introuvable."</font>";
				echo "</td>";
				
				// Delete link: carries the file id and $key, the value the
				// delete_file action compares with $_GET['key'].
				echo "\n<td class=\"affichage_table\"><a href=\"#\" onClick=\"confirmer('?inc=files&do=delete_file&id_file=".$fichier[0]."&key=".$key."','".confirm_supprimer_file."')\" title=\"".supprimer."\"><img border=\"0\" src=\"../images/others/delete.png\" width=\"32\" height=\"32\" /></a></td>";
					
				echo "</tr>\n";
			}
			echo "\n</table>";

			// Pager: previous link, one entry per page (current page not linked), next link.
			if ($page_max > 1){

				$page_precedente = $page - 1;
				$page_suivante = $page + 1;

  			echo "<br /><table border=\"0\" align=\"center\"><tr>";

				if ($page_precedente >= 1)
					echo "<td><a href=\"?inc=files&l=".$page_precedente."\"><img border=\"0\" src=\"../images/others/precedent.png\" width=\"32\" height=\"32\" /></a></td><td><a href=\"?inc=files&l=".$page_precedente."\"><b>".page_precedente."</b></a></td>";

				echo "<td>";
			
				for($i=1;$i<=$page_max;$i++){
					if ($i != $page)
						echo "<a href=\"?inc=files&l=".$i."\">";
				
					echo "<b>".$i."</b>";
			
					if ($i != $page)
						echo "</a>";
				
					echo "&nbsp; ";
				}
			
				echo "</td>";
		
				if ($page_suivante <= $page_max)
					echo "<td><a href=\"?inc=files&l=".$page_suivante."\"><b>".page_suivante."</b></a></td><td><a href=\"?inc=files&l=".$page_suivante."\"><img border=\"0\" src=\"../images/others/suivant.png\" width=\"32\" height=\"32\" /></a></td>";

				echo "</tr></table>";
			}
    } else echo aucun_fichier_trouve;
   
   }
   
   //************************* Redactors **************************
   
   // Listing for every other user: only rows whose id_user equals
   // $id_user_session are selected, so a user sees just their own uploads.
   // Row layout used below (column order as written by the upload handler's
   // INSERT): 0 id_file, 1 id_user, 2 original name, 3 size, 4 stored name,
   // 5 upload timestamp, 6 is_image flag.
   else {

  	// First query is only used to count rows for the pagination.
  	// NOTE(review): $id_user_session is placed unquoted in both queries; it is
  	// set outside this file - confirm it is always an integer.
  	$select_my_files = mysql_query("select * from `" . $tblprefix . "files` where id_user = $id_user_session;");
    
    $nbr_trouve = mysql_num_rows($select_my_files);
    
    if ($nbr_trouve > 0){

			// $nbr_resultats (rows per page) is defined outside this file.
			// NOTE(review): a value of 0 would divide by zero here - confirm it cannot happen.
			$page_max = ceil($nbr_trouve / $nbr_resultats);

			// Out-of-range page numbers fall back to the first page.
			if ($page <= $page_max && $page > 1 && $page_max > 1)
				$limit = ($page - 1) * $nbr_resultats;
			else {
				$limit = 0;
				$page = 1;
			}
    	$select_my_files_limit = mysql_query("select * from `" . $tblprefix . "files` where id_user = $id_user_session order by date_file desc limit $limit, $nbr_resultats;");

    	echo "<table width=\"100%\" align=\"center\" style=\"border: 1px solid #000000;\"><tr bgcolor=\"#f1d3bd\">\n";
			echo "\n<td class=\"affichage_table\"><b>".mes_fichiers."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".taille_fichier."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".lien_fichier."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".date_ajout."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".miniature."</b></td>";
			echo "\n<td class=\"affichage_table\"><b>".supprimer."</b></td>";
			echo "</tr>";

			while($fichier = mysql_fetch_row($select_my_files_limit)){
					
				// The original file name is user-supplied text, so it goes through
				// html_ent() before being printed.
				// NOTE(review): shortening happens after encoding, so readmorefile()
				// can cut an entity in half - confirm what html_ent() returns.
				$nom_fichier = html_ent($fichier[2]);
				$nom_fichier = readmorefile($nom_fichier,$max_len);
					
				$taille_fichier = $fichier[3];
				$lien_fichier = html_ent($fichier[4]);
				$date_ajout = date("d/m/Y - H:i:s",$fichier[5]);

				echo "<tr>\n";
				
				echo "\n<td class=\"affichage_table\"><b>".$nom_fichier."</b></td>";
				echo "\n<td class=\"affichage_table\">".file_size_convert($taille_fichier)."</td>";
				echo "\n<td class=\"affichage_table\"><form><input type=\"text\" size=\"36\" onClick=\"select();\" value=\"../docs/".$lien_fichier."\" readonly=\"readonly\"></form></td>";
				echo "\n<td class=\"affichage_table\">".$date_ajout."</td>";
					
				// Thumbnail for rows flagged as images, otherwise the last three
				// characters of the stored name; a missing file is reported in red.
				echo "\n<td class=\"affichage_table\">";
				if (file_exists("../docs/".$lien_fichier)) {
					if ($fichier[6] == 1)
						echo "<img border=\"0\" src=\"../docs/".$lien_fichier."\" alt=\"".$nom_fichier."\" width=\"100\" height=\"100\" />";
					else
						echo substr($lien_fichier,-3,3);	
				} else
					echo "<font color=\"red\">".introuvable."</font>";
				echo "</td>";
				
				// Delete link: carries the file id and $key, the value the
				// delete_file action compares with $_GET['key'].
				echo "\n<td class=\"affichage_table\"><a href=\"#\" onClick=\"confirmer('?inc=files&do=delete_file&id_file=".$fichier[0]."&key=".$key."','".confirm_supprimer_file."')\" title=\"".supprimer."\"><img border=\"0\" src=\"../images/others/delete.png\" width=\"32\" height=\"32\" /></a></td>";
					
				echo "</tr>\n";
			}
			echo "\n</table>";

			// Pager: previous link, one entry per page (current page not linked), next link.
			if ($page_max > 1){

				$page_precedente = $page - 1;
				$page_suivante = $page + 1;

  			echo "<br /><table border=\"0\" align=\"center\"><tr>";

				if ($page_precedente >= 1)
					echo "<td><a href=\"?inc=files&l=".$page_precedente."\"><img border=\"0\" src=\"../images/others/precedent.png\" width=\"32\" height=\"32\" /></a></td><td><a href=\"?inc=files&l=".$page_precedente."\"><b>".page_precedente."</b></a></td>";

				echo "<td>";
			
				for($i=1;$i<=$page_max;$i++){
					if ($i != $page)
						echo "<a href=\"?inc=files&l=".$i."\">";
				
					echo "<b>".$i."</b>";
			
					if ($i != $page)
						echo "</a>";
				
					echo "&nbsp; ";
				}
			
				echo "</td>";
		
				if ($page_suivante <= $page_max)
					echo "<td><a href=\"?inc=files&l=".$page_suivante."\"><b>".page_suivante."</b></a></td><td><a href=\"?inc=files&l=".$page_suivante."\"><img border=\"0\" src=\"../images/others/suivant.png\" width=\"32\" height=\"32\" /></a></td>";

				echo "</tr></table>";
			}
    } else echo aucun_fichier_trouve;
   }
  }
 }
} else echo restricted_access;

?>